A Global Shift

Today, safeguarding a transportation site is more complex than ever

If you don’t think the aftermath of Sept. 11, 2001, continues to have strong repercussions throughout the world, then you haven’t traveled much in the last six years. Security is still the word du jour—perhaps even more so as time goes on. Transportation venues continue to protect themselves from terrorist threats. A primary concern, in addition to getting people where they need to go on time, is to create a safe, secure and protective travel environment for passengers, tenants and employees.

This is not accomplished easily or by accident. A maze of security and regulatory issues face every transportation hub. For instance, in the case of an airport, security starts with a thorough understanding of Title 49 CFR Part 1542 of Homeland Security’s Transportation Department. It covers a lot—ranging from who must be in charge, how to become compliant and parameters for airport tenant security programs to security of various locations within the airport, law enforcement and, yes, access control. The first objective is to reduce the complexity of this and other pertinent regulations, along with the security ramifications.

Next, one needs to determine and resolve airport security and fire-safety vulnerabilities. Security could be almost perfect if everything were locked down and nobody could come or go. But that’s not feasible. What needs to be done to ensure that security is at a high level but that innocent people can escape when needed? There’s a compromise typically found within the afore-mentioned regulations and local codes.

The Transportation Security Pyramid
The levels of security can be best represented by a pyramid. The integration with all levels of this pyramid ensures seamless security and access control.

At the foundation, Level 1 covers mechanical access and egress. This includes exterior and interior doors, door hardware, mechanical locks, keying systems and portable security.

Level 2 is electronic access control and key management, which includes electronic key management systems and standalone electronic access controlled openings. Level 3 covers networked access control and biometrics for the management of perimeter and controlled public openings performed by biometrics and electronic access control systems. Finally, Level 4 covers facility integration, which includes the management of assets and people, as well as the integrated facility solution encompassing access control, time and attendance, and staff scheduling.

With all this as background, protecting a transportation hub starts with a comprehensive site assessment and solution-generating task to identify the critical access openings of the facility. Security needs at all levels must be acknowledged. An access security breach assessment will spot gaps between the current state of security and present and future needs.

An assessment starts with identifying all the security stakeholders involved. This will include the security coordinator at the venue, the Transportation Security Administration, local fire and law enforcement, union leaders, tenants and carriers. All parties need to all be brought in up front and kept engaged throughout the process. Otherwise, anyone could throw a roadblock into an otherwise perfect plan.

Access Control Needs
Needless to say, critical openings must be identified. Since most people are familiar with them, let’s use an airport as an example. When one starts researching, a host of access means emerge:

• Terminals—public and private areas
• Aircraft operations areas (AOA)—tarmac, taxiways and jetways
• Employee movement—including outsourced service
• Catering service
• Air traffic control
• Aircraft—parked and active
• Passengers—screening, ticketing, metal/explosives detection
• Baggage systems—carry-on, checked and handlers
• Navigation systems
• Vehicle control—automobile and cargo
• Parking lots—employee and passenger surveillance
• Cargo facilities

What are the security and safety needs of each access point? For instance, does security need to capture and monitor real-time events with the ability to record if a breach occurs? For example, there is a big difference between jarring open a door to get janitorial supplies and breaking through onto the tarmac.

Remember needing to identify all stakeholders? Here’s one example. Does human resources want to combine with security and link time and attendance recording to security to stop buddy punching? Or, how can passengers who have had background checks be moved quickly to their boarding areas while still keeping security high? Once the security needs of each opening have been determined, it’s time to perform physical assessments. In other words, what type of products should be used?

Real-Life Examples
Remember how it’s important to balance security and life safety? Inchon (Korea), Jorge Chavev (Peru), Suvarnabhumi (Bangkok), Dubai, Detroit, Hong Kong and many other locations do just that with Von Duprin exit devices, which keep a door locked from the outside while remaining unlocked inside.

For example, Charlotte Douglas International Airport’s solution uses proximity card technology, monitoring switches and a Schlage locking mechanism on one side of the door and a Von Duprin exit device on the other. The exit device side upholds the security of the jetway area in terms of accessibility, and the locking mechanism ensures access control in its ability to lock down on demand.

Most transportation centers use Von Duprin’s Chexit™, a self-contained delayed exit system that incorporates all controls, auxiliary locking, local alarm and remote signaling output. A key cylinder on the front of the device arms and disarms it. An LED indicator shows its status. The system sounds an alarm and delays a person from exiting through a door for a coderegulated 15 seconds. Not only does this discourage unauthorized use, but it also provides an opportunity for a response. For instance, the security system might trigger a CCTV camera to capture a visual record of activity at the door. However, when the building’s fire alarm or sprinkler system is activated during an emergency, these devices automatically disable to allow immediate egress.

How can someone be stopped from sneaking onto a tarmac? The person could simply use someone else’s card or key. Since 1991, San Francisco International (SFO), the nation’s fifth busiest airport, has employed biometric hand geometry readers to secure its AOA, allowing access to authorized individuals only.

The airport’s 300 hand readers span the entire facility, securing more than 180 doors and verifying the identity of more than 18,000 employees. The use of biometrics at San Francisco is airport-wide and fully integrated into the primary access control system.

In fact, those aren’t the only places they are deployed. Covenant Aviation Security, a private company that was awarded a TSA contract to protect SFO from terrorism, is using hand readers to verify employee identities before granting them access to work areas.

“After Covenant Aviation Security was awarded the TSA’s private passenger screening contract at SFO in October 2002, it was crucial to have a system in place that accurately and consistently identified our more than 1,200 employees arriving and departing work every day,” said Tom Long, executive vice president of Covenant. “Since day one, our Schlage HandPunch 4000 has provided us with a quality product that we will continue to depend on at San Francisco International Airport.”

At Miami International Airport, HandPunch terminals take time and attendance readings for the janitorial services. The system not only identifies individuals by who they are, but also prevents employees from entering work areas during nonworking hours and monitors their frequency of service and maintenance. Almost all major airports and many smaller airports use hand geometry to make sure that only those authorized to get through an opening can do so.

At Yeager Airport in Charleston, W. Va., hand readers restrict access to the control tower, which is located in the airport terminal, and to the HVAC system and other sensitive equipment. The control tower doors are opened about every five minutes around the clock. The hand readers are all networked to the airport’s central security system computer. One of the hand readers is used as the master for enrollment purposes.

“We feel that hand geometry is the best and most reliable biometric technology available,” said Rick Atkinson, Yeager Airport director. “We have never had any problems with the hand readers since installing them in December 2001. They work fine and are easy to administer."

What can be done to increase passenger convenience? Tel Aviv’s Ben Gurion International Airport, the largest airport in Israel, figured that out several years ago to accommodate more than 2 million annual passengers. Of course, Israeli security is considered second to none and, since 1974, no flight departing from Ben Gurion has been blown up or hijacked by a terrorist.

Ben Gurion’s award-winning biometric system has reduced waiting times at security checkpoints from hours to seconds. The program handles 15 percent of Ben Gurion passengers. Nearly 100,000 Israeli citizens (2 percent of Israel’s population) have enrolled in the program, and more than 1 million authentications have been produced in the first two years of operation. Travelers go through an extensive background check to ensure they are low risk.

An annual fee of approximately $20 is charged to use the system. To reach the boarding areas, Israeli citizens use an automated inspection identification kiosk. The user selects one of his credit cards. When entered, the credit card provides an ID number to the system. Then, upon placing a hand on the hand reader, the user’s biometric information is compared to the security database. If the information matches, the system prints out a receipt and the traveler proceeds through a system-controlled gate. If the system denies passage, it sends an alert message and the traveler is referred to an immigration inspector.

The Next Step
Once it’s been decided what to use at each opening, it is time to identify coverage gaps and vulnerabilities. For instance, among other things, to comply with Title 49 CFR Part 1542, the mechanical locks in Level 1 of the pyramid must be operational all year. This isn’t a problem in Miami, but it can cause havoc in Detroit.

For Level 2 systems, one requirement is the ability to rekey and recode locks quickly. That’s why so many transportation locales prefer stand-alone computer managed locks. For instance, SFO uses 280 of them. Stand-alone, programmable, batterypowered locks are networked through software to provide audit-trail capability and time-based scheduling for restricting access.

New users, access points and access privileges can be entered into the system in seconds. The system also provides an audit trail capability. A CM system can support a variety of credential types, including PIN codes, magnetic stripe cards, iButtons, proximity cards and biometrics. Users and access points, as well as access privileges, can quickly and easily be added and deleted from the system. The system operator easily can control both users and access points based on time of day, day of week, credential needed and/or period of time. Reports show audit trails retrieved, access privileges granted and time functions established by either the user or door.

With a laptop or PDA, the administrator goes to the opening, plugs in the interface to the locking system at the door and quickly uploads new access instructions to the lock while downloading audits of who has been through the door and when.

Charlotte Douglas took a different approach. The airport’s stand-alone system had grown to 100 doors, and it could take up to two days to change out all the combinations when needed. That was just too much time and not enough security. Officials also wanted to perform locking control from one centralized control station and integrate jetway door locks with the airport’s existing access control network. Plus, the airport needed a solution that easily could be retrofitted into the lock technology in place, avoiding expensive and time-consuming wiring and construction.

The airport’s new locking devices have all the switches built in so they easily integrate into the airport’s existing Software House access control system. Instead of running yards upon yards of conduit, installers only had to run four wires to each doorway. With the new locking devices in place, security can determine, program and change the access privileges of users and the locking status of the doors in real-time and on demand.

Likewise, Levels 3 and 4 also have their requirements. If there is a gap or vulnerability in any of these levels, the system won’t be certified. Lastly, transportation facility management needs a cost-justification analysis and project plan.

While nobody will argue that it is good to plan and test—searching for the best and most viable solutions to protect the world’s traveling public— security professionals put more stock in what’s been successful. Those venues already using successful security systems provide a roadmap to follow.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3